Citizens don't trust UK.GOV with their data
Pity, as Digital Economy Bill means it's about to get hold of even more..
UK citizens have little faith in the government's ability to securely handle their private data - according to a wide-ranging survey which echoes findings by the National Audit Office.
Just 22 per cent believed that the government has appropriate means to stop cyber-attacks and identity breaches, according to 1,500 citizens polled by YouGov on behalf of security biz Covata.
Only 37 per cent said they were confident that the government would keep their personal data secure; while 32 per cent believed departments would not be able toe share information securely between public sector bodies.
The findings come as the government intends to increase the ease with which the public sector can access citizen data via the Digital Economy Bill.
However, 51 per cent said it would be easier to use online government services if departments could share more information.
But a recent report by the National Audit Office slammed Whitehall for its poor infosec practices.
It found the Cabinet Office is failing to coordinate the UK's government departments' efforts to protect information. It reported 9,000 data breaches in the 17 largest government departments in 2014/15.
Some 54 per cent named security as the number one priority for moving more government services online.
In an open letter to the government, Covata wrote:
At the very least, all sensitive information should be encrypted by default. Strict controls must be in place to guarantee that only authorised personnel can access this information. Who attempts to access which files should be constantly monitored to ensure no breaches of protocol. Departments should make it impossible for files to be shared by unauthorised channels, such as consumer-grade file sharing or cloud-based platforms.
A little self interested coming from a security biz, perhaps. But nevertheless fair comment. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Federal government of the United States
- Government of the United Kingdom
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust